Closed mtn217 closed 5 years ago
User Story | Implement a blacklisted regex for imported users |
---|---|
T-shirt size: | S |
User Story | "As we import users from an external identity provider, we want to prevent some privileged users from being displayed or logging in to NEXT to help prevent any escalated privilege actions." |
Description | Implement a regex indicating which set of users to not display on the People page and to stop from logging in. The regex will be configurable in the .env file. |
Requirements | 1) Implement a regex to be used in get_users(), get_a_user(), search(), and log_in() API endpoints. |
Acceptance Criteria/Tests | Users in the blacklisted regex are not able to login or display on the people page. |